This Article is written by Divya K. (currently pursuing BBA LLB in Symbiosis Law School)
Table of Contents
Cyber security has been a matter of discussion for a long. Cyber security or information technology security are the techniques of protecting computers, networks, programs, and data from unauthorized access or attacks that are aimed at exploitation. With the enhancement of technology, the problems related to maintaining law or order are also advancing. Nowadays, it is not necessary to wage a war in order to plan aggression, a cyberattack sitting at the offices can also form a lethal attack on the economy of the nation. During covid-19, the cyber-attacks have increased manifold. In order to regulate the activities in cyberspace, international law was referred to. But whether international law is competent enough to ensure cyber security around the world, is still a matter of question. This article would analyse the importance of international law in regulating cyber activities and the challenges faced by it in ensuring cybersecurity.
APPLICABILITY AND ROLE OF INTERNATIONAL LAW IN REGULATING CYBER ACTIVITIES:
Nowadays, most of the work is done with the help of the internet. All the data is stored online which poses the risk of being accessible to anyone else on the internet. International law has been considered very important in maintaining peace in cyberspace. Cybercrime is like a virus that creeps into and infects all the files concerning finances, medical, commercial information, etc. The Twitter cryptocurrency attack during mid-2020 has disclosed how unprotected cyberspace was.
The Twitter accounts of renowned public figures like Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos, Apple, and Uber were hacked. New Zealand’s stock exchange had to stop its operation because of the multiple cyber-attacks. To avoid such situations, it is important that cyberspace is regulated by stringent laws and policies. International law, particularly, the United Nations Charter has been recognized as essential law that governs cyber activity. According to the 2015Group of Governmental Experts report, the states must observe certain principles of international law, like state sovereignty, sovereign equality, settling the disputes in a peaceful manner, and non-intervention in the internal affairs of other countries. International law operates in cyberspace with the help of a few legal principles. First, the prohibition of the use of force/ armed attacks by the UN Charter.
Article 2(4) of the UN Charter states that “all members shall refrain in their international relations from the threat or use of force against the integrity or political independence of any state or in any other manner inconsistent with the purposes of the United Nations.” Second, the legal principle of state sovereignty is usually applicable to the activities of states with respect to cyberspace.
It has been observed that there are certain aspects of international law, like international humanitarian law and international human rights law, which are also applicable to the state’s activities with respect to cyberactivity. If any cyber operation of a state violates the sovereignty of another state, then it is deemed as contrary to international law. Third, the legal principle of non-intervention applies in the domain reserve of the information and communication technology infrastructure of states and thus, if any country interferes in the cyber activity of another, then it is against the international law. International law helps the countries in ensuring that they don’t expose their vital information and therefore, prevents and alleviates cyber-attacks.
CHALLENGES FACED BY INTERNATIONAL LAW IN ENSURING CYBERSECURITY:
Today, we can achieve anything with the help of technology. We don’t have to search through a zillion papers to get/ verify our info. We can do it by just clicking on our phones but we are more exposed than we ever were. Our info can be accessed by anyone on the internet. Cyberattacks have become a powerful weapon that is inexpensive and effortless because of their dependency on just computers, the internet, and networks. In order to prevent such illegal activities, cyberspace is governed by international law. However, even the law is facing challenges to keep up with growing technology’s adversaries.
The ‘use of force’ under article 2(4) under the UN Charter governs cyber activity. It prohibits the use of force or armed aggression against any country. But does the cyberattack come under the definition of the use of force under Article 2(4)? It does not involve any use of arms or it does not even involve the use of force. So how can it be decided whether international law prevents cyberattacks?
The answer to the question is somewhat divided. There are scholars who believe article 2(4) includes cyberattacks under the purview of use of force and some argue against it. There is still ambiguity with respect to the answer to this question. Cyberspace is not just limited to state actors but it also includes private actors and non-state actors like hackers and technology companies.
International law gives great attention to the activities of the state but it ignores the other players, which is where the problem arises. These individual hackers and private technology companies are constantly active in cyberspace and have caused major disruptions under an ineffective legal system. International law has failed to punish these non-state actors to maintain peace in cyberspace. The promotion of digital sovereignty has escalated the challenges of international law in cyberspace. Digital sovereignty gives authority and control to the states over their own data/ cyberspace. This creates a problem in drafting an efficient international law on cyber law which in turn would result in non-punishment of the cyber violators.
This article started with the question of ‘can the current international law ensure cyberspace’ and the answer to this question is ‘no’. It is true that international law governs cyber activities and it aims to prevent cyber-attacks and maintain peace in cyberspace. But its efficiency has decreased because of the challenges it is being subjected to. In order to overcome this impending legal problem, it is important that effective and stringent rules and regulations are framed. International law should also take into consideration the activities of non-state actors in cyberspace.
U.N. Charter art 2, cl 4.
Nori Katagiri, Why international law and norms do little in preventing non-state cyber-attacks, J Cybersecurity, 1, 2020.
Abid A. Adonis, International Law on Cyber Security in the Age of Digital Sovereignty, 2014.